The report, “Trends in Circumventing Web-Malware Detection,” analyzes four years of data covering some 160 million Web pages on roughly 8 million sites. As part of their analysis, Google researchers took a look at four of the most popular malware detection technologies on the Web: virtual machine client honeypots, browser emulator client honeypots, domain reputation and antivirus. In each case, attackers have found ways to sneak their way around security defenses, marking another leg in the ongoing race between attackers and vendors.

In a joint blog post, Google Security Team members noted that while social engineering is a popular Modus operandi for attackers, drive-by downloads are much more common. According to their analysis, attackers are quick to switch to new and more reliable exploits to avoid detection, and that most vulnerabilities are exploited only for a short period of time until new ones become available.